Juicy Open Ports for Recon and Pentests

fancy hacker, because reasons
Once you do a recon (aka: infrastructure-hacking) against a target-network or organization, you'll come across a list of open ports. Sometimes juicy ports, that allows you to access information directly, thanks to hipstersoft like mongo, redis, elasticsearch or manipulate services via management-access like JMX-Consoles.

We provide a list of juicy ports of what we came across during our infrastructure - assessments and might be more than interesting for others.

Long Story Short: if you are an company/org that exposes these ports to the internets -> shut them down, thats what firewalls are for. if you are a pentester, probably jackpot.

Download List as csv

Severity-Level:

  • Warning: open port/service might grant unauthorized access to information
  • Critical: open port/service allows unauthorized access to information, disrupt services or allows compromise of services
Port TCP UDP Service Severity




Fragen? Kontakt: info@zero.bs